1.8 million workforce shortage in cyber security by 2022: Study

Chennai: Cyber threats have evolved rapidly in recent times, and are no longer the domain of a limited number of skilled individuals. Readymade malware kits have substantially lowered the bar for cyber criminals as lacking the technical know-how is no longer a barrier.

In 2015, Frost & Sullivan had forecast a 1.5 million worker shortage by 2020. In light of recent events and shifting industry dynamics, that forecast has been revised to a 1.8 million worker shortage by 2022, according to the 2017 Global Information Security Workforce Study.

The Center for Cyber Safety and Education partnered with (ISC)2, Booz Allen Hamilton, Alta Associates and Frost & Sullivan to examine the state of response to developing risks in the 2017 survey, with over 19,000 respondents from 170 countries.

While the gap continues to grow, the survey finds that hiring is on the rise across geographies including Asia Pacific. Kelly Services India has witnessed a 10-15% increase in demand for cyber security professionals across sectors.

“In the IT space, we see an increase in demand towards niche skills that have exposure in planning security frameworks across IT infrastructure, application development and app development,” said Thammaiah BN, MD, Kelly Services India.

HR experts say companies are ready to invest in talent as data thefts and breaches can cost millions of dollars and can mar the brand image.

Given that security frameworks are very specific to companies, hiring is being driven by the need to have talent in-house who can customize and make it specific to their business.

In healthcare, the need to protect research and patient data is driving demand for cybersecurity professionals while in FMCG, it is data related to market insights, product research, says Thammaiah.

Cyber security organisations scouting for talent themselves see a huge gap. “Taking a certificate course in security may work now, but not for long. We hire engineers with domain expertise and train them in cyber. A developer will be trained to test security in web-applications. A network engineer will be trained to test for security in networks. We look for experts in databases, operating systems, networks, and application development. Only if you are good at something you can break it,” said Ram Swaroop, cofounder, CyberSecurityWorks, a Chennai based security company.

While there are colleges that offer full time courses in cyber security, there continues to be a dearth for skilled security professionals.

“There are colleges but often these concentrate on teaching technology rather than proactive techniques of cyber security and investigation. Technology evolves; the basic techniques don't. With the evolving ecosystem, we will see larger numbers,” said Shuchi Nagpal, chief education officer, Asian School of Cyber Laws.

Subscribe ETCIO Newsletter

As the Special Chief Secretary & IT Advisor to the Chief Minister - Govt. of Andhra Pradesh, J A Chowdary is all for chasing new growth horizons, pursuing radically different development approaches and outguessing technology trends that will shape the future.

As the Special Chief Secretary & IT Advisor to the Chief Minister - Govt. of Andhra Pradesh, J A Chowdary is all for chasing new growth horizons, pursuing radically different development approaches and outguessing technology trends that will shape the future.